AMENDMENT TO THE CLAIMS 



1. (Currently Amended) A method of providing access to services across a computer 
network, comprising the step of: 

generating an access request, said access request including a network device description 
and a plurality of service requests indicative of computer services for which the 
network device requests provisioning; 

wherein the device description includes one or more of a device vendor, device type, 
device version and physical location; and 

forwarding said access request for authentication and authorization. 

2. (Original) A method according to Claim 1 in which the access request is a RADIUS 
packet, the service requests being defined by information contained within Vendor- 
Specific Attribute (VSA) blocks in the said packet. 

3. (Original) A method according to Claim 2 in which each said block contains a device- 
type identifier and a service-request identifier. 

4. (Original) A method according to Claim 2 in which the packet is a RADIUS-compliant 
authentication request packet. 

5. (Canceled) 

6. (Original) A method according to Claim 1 in which the service requests include a request 
for a particular service level. 

7. (Original) A method according to Claim 1 in which a policy is applied to the access 
request to determine whether access will be allowed, and if so for what services. 
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8. (Original) A method according to Claim 1 in which a network resources are provisioned 
in dependence upon the access request. 

9. (Original) A method according to Claim 1 in which the steps of receiving and applying 
are performed by an access-control server or an Authentication, Authorization and Audit 
(AAA) server. 

10. (Original) A method according to Claim 9 in which the access-control server uses the 
access request to select among multiple services that are specified for a particular device. 

11. (Currently Amended) A network device arranged to provide access to services across a 
computer network, comprising: 

means for generating an access request, said access request including a network device 
description and a plurality of service requests indicative of computer services for 
which the network device requests provisioning; 

wherein the device description includes one or more of a device vendor, device type, 
device version and physical location; and 

means for forwarding said access request for authentication and authorization. 

12. (Original) A network device according to Claim 1 1 including means to generate 
RADIUS-compliant packets, the service requests being defined by information contained 
within Vendor-Specific Attribute (VSA) blocks in this said packet. 

13. (Currently Amended) A network device, comprising: 

a network interface capable of being coupled to a computer network and for sending to 
the network access requests, and-a processor and a computer-readable storage 
medium having one or more stored sequences of instructions which, when 
executed, cause the processor to perform the steps of: 

generating an access request for forwarding via the network interface, said access request 
including a network device description and a plurality of service requests 
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indicative of computer services for which the network device requests 
provisioning; 

wherein the device description includes one or more of a device vendor, device type, 

device version and physical location; and 
forwarding said access request for authentication and authorization.[|Y|] 

14. (Original) A network device according to Claim 13 in which the access request is 
received as a RADIUS packet, the service requests being defined by information 
contained within Vendor-Specific Attribute (VSA) blocks in this said packet. 

15. (Original) A network device according to Claim 14 in which each said block contains a 
device-type identifier and a service-request identifier. 

16. (Original) A network device according to Claim 14 in which the packet is a RADIUS- 
compliant authentication request packet. 

17. (Canceled) 

18. (Original) A network device according to Claim 13 in which the service requests 
include a request for a particular service level. 

19. (Currently Amended) A computer system comprising 

an access-control server for controlling access to resources on the network when 
requested by network devices, the access-control server being arranged: 

(a) to receive an access request from a network device, said access request 
including a network device description and a plurality of service requests 
indicative of computer services for which the network device requests 
provisioning; 

wherein the device description includes one or more of a device vendor, 
device type, device version and physical location; and 
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(b) to apply a policy to the access request to determine whether access will be 
allowed, and if so for what services. 

20. (Original) A computer system according to Claim 19 in which the access control server 
instructs the provisioning of network resources in dependence upon the access request. 

21. (Original) A computer system according to Claim 19 in which the access-control server 
is an Authentication, Authorization and Audit (AAA) server. 

22. (Original) A computer system according to Claim 19 in which the access-control server 
uses the access request to select among multiple services that are specified for a particular 
device. 

23. (Currently Amended) A computer-readable storage medium carrying storing a sequence 
of instructions which, when executed by one or more processors, causes said processor or 
processors to perform the steps of: 

generating an access request for access to resources on a computer network, said access 
request including a network device description and a plurality of service requests 
indicative of computer services for which the network device requests 
provisioning; 

wherein the device description includes one or more of a device vendor, device type, 

device version and physical location; and 
forwarding said access request for authentication and authorization. [[v]] 

24. (Currently Amended) A computer-readable storage medium according to Claim 23 
further including instructions for generating a RADIUS packet, the service requests being 
defined by information contained within Vendor-Specific Attribute (VSA) blocks in said 
packet. 
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25. 



(Currently Amended) A computer-readable storage medium according to Claim 24 
further including instructions for creating within each said block a device-type identifier 
and a service-request identifier. 



26. (Currently Amended) A computer-readable storage medium according to Claim 24 in 
which the generated packet is a RADIUS-compliant authentication request packet. 

27. (Currently Amended) A computer-readable storage medium according to Claim 23, in 
which the device description includes one or more of device vendor, device type, device 
version, physical location. 

28. (Currently Amended) A computer- readable storage medium according to Claim 23, in 
which service requests include a request for a particular service level. 

29. (Original) A network device as claimed in claim 1 1 or claim 13 comprising a network 
access device which controls end-user device access to a network, and which requests 
services on behalf of one or more said end-user devices. 

30. (Original) A network device as claimed in claim 1 1 or claim 13 in which said device 
requests services for its own use. 



50325-0837 (Seq. No. 7345) 



7 



